23 May 2007

Microsoft releases Office document security protection

Antony Savvas, Computer Weekly

Microsoft is recommending that its users adopt two new security features in its Office suite to protect themselves from malicious Office documents.

Redmond has announced the availability of the Microsoft Office Isolated Conversion Environment (Moice) feature and is pushing the recently released File Block update for Microsoft Office 2003 and the 2007 Microsoft Office system

Both features are designed to make it easier for administrators and individual users to protect themselves from Office files that may contain malicious software, such as unsolicited Office files received from unknown or known sources.

Moice makes it easier by providing new security mitigation technologies designed to convert specific Microsoft Office files types, while File Block provides a mechanism that can control and block the opening of specific Microsoft Office file types.

Moice uses the 2007 Microsoft Office system converters to convert Office 2003 binary documents to the newer Office open XML format. The conversion process helps protect customers by converting the Office 2003 binary file format to the Office open XML format in an isolated environment.

Moice provides a mechanism for customers to pre-process potentially unsafe Office 2003 binary documents. The conversion process provides customers with a greater degree of certainty that the document can be considered safe.

The File Block functionality for Microsoft Office 2003 and the 2007 Microsoft Office system allows administrators to restrict via registry and group policy specific Office file types that can or cannot be opened when using Microsoft Word, Powerpoint, and Microsoft Excel.

Blocking specific Office file types allows administrators to temporarily deny users the ability to open certain files, such as when a threat of attack from a given Office file type exists, said Microsoft, particularly when there is no patch available for the threat.

Microsoft said, "When Moice and File Block are used together they are an effective mitigation strategy for customers when the threat of attack using certain Office types exists.

"This enables customers to continue using Microsoft Office with a high degree of assurance that the files being opened are considered safe and will not infect users with malicious software."

This article first appeared on the web-site of Computer Weekly, at http://www.computerweekly.com//Articles/2007/05/23/224025/microsoft-releases-office-document-security-protection.htm. © Reed Business Information 2007.